Compromising OpenDrive's Cloud Storage Accounts – Or How Not to Design Session Management - Randy Westergren
Tags
| attack-pattern: | Domains - T1583.001 Domains - T1584.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | 99804157-7cc3-4c62-87db-89e3b1fc9c62 |
| Fingerprint | b574c94d0ba2ad85 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 9, 2018, 10:43 a.m. |
| Added to db | Feb. 18, 2023, 2:16 a.m. |
| Last updated | Nov. 4, 2024, 2:34 p.m. |
| Headline | Compromising OpenDrive’s Cloud Storage Accounts – Or How Not to Design Session Management |
| Title | Compromising OpenDrive's Cloud Storage Accounts – Or How Not to Design Session Management - Randy Westergren |
| Detected Hints/Tags/Attributes | 37/1/17 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 16 | ancestry.com |
|
| Details | Domain | 2 | web.opendrive.com |
|
| Details | Domain | 1 | ai2.opendrive.com |
|
| Details | Domain | 1 | support.opendrive.com |
|
| Details | Domain | 4 | opendrive.com |
|
| Details | Domain | 14 | od.lk |
|
| Details | File | 4 | file.json |
|
| Details | File | 3 | info.json |
|
| Details | File | 2 | list.json |
|
| Details | File | 1 | 1337.jpg |
|
| Details | File | 1 | thumb.json |
|
| Details | File | 74 | test.jpg |
|
| Details | sha256 | 1 | 19ebbbef64d8a5404cc0b16603cea3de659c607a23ae639986d5e5c477f6b5e8 |
|
| Details | Url | 1 | https://web.opendrive.com/api/v1/download/file.json/abc123 |
|
| Details | Url | 1 | https://ai2.opendrive.com/api/v1/users/info.json/1517592191112474005 |
|
| Details | Url | 1 | https://ai2.opendrive.com/api/v1/folder/list.json/1517592191112474005/njlfmta2nzgynf93rjzauw?last_request_time=0&offset=0 |
|
| Details | Url | 1 | https://ai2.opendrive.com/api/v1/users/info.json |